Infineon: Breaking Down Automotive Attacks

MADISON, Wis. -- In the conversation about automotive security, scare tactics might work with some gullible consumers, but they don't seem to work very well on penny-pinching automotive manufacturers. (And here, I'm not even talking about the born skeptics among the engineering crowd in EE Times' community.)

"To become security-aware takes a big learning curve," said Björn Steurich, senior manager of Automotive Systems Group in the automotive division at Infineon Technologies (Munich).

"Every industry has to go through the cycle, and it takes many years for both OEMs and the whole [automotive] eco-system" to reach that point, noted Martin Klimke, principal of technical marketing, Chip Card & Security division at Infineon.

For instance, the PC industry responded by developing Trusted Platform Modules (TPM). Similarly, the banking industry invested heavily in secure chip cards more than a decade ago. Taiwan, in particular, where the industry faced a high fraud rate, was among the first to embrace the practice. Industrial control systems also must react to cyber-security issues.

But it clearly takes more than a paper by university scholars, said Klimke, to justify a business case for security among automotive OEMs. (Klimke was referring to a 2011 paper, entitled as "Comprehensive Experimental Analyses of Automotive Attack Surfaces," written by researchers at the University of Washington and the University of California at San Diego.)

At this moment, no tragic automotive accident caused by external attacks has happened yet, he explained. So, it's really hard for anyone to measure the safety impact of extra security measures. With or without such enhancements, "the car operates just the same," he added.

So, do we conclude that the auto industry is waiting for some day of catastrophic reckoning before their taking any action?

No, not necessarily.

But to win over car companies to tighter automotive security, "we must offer scalable and flexible solutions," Steurich stressed. "We need to make sure that it is what's required and what's paid for."

Infineon, the world's second largest automotive chip company, has been working with a number of US and European car OEMs, tier-one module suppliers and engineering service providers. The needs in automotive security expressed by European auto companies (especially in Germany) are "hardware security, primarily driven out of anti-theft, anti-fraud, anti-tuning measures," said Steurich. For example, these OEMs are worried about things like odometer fraud and unauthorized engine tuning.

Meanwhile, US automotive OEMs are looking for microcontroller security, largely due to their concerns, or fear, of someone hacking into their cars, he added.

Breaking down attacks
Anticipating potential attacks on security controllers in a car, Infineon categorized them in four classes ranging from "logical" and "observing" to "semi-invasive" and "manipulating" attacks. The level of sophistication, time and cost to develop such attacks (and actually executing them) vary from one class to another.

Infineon anticipates different types of automotive security attacks

Types of attacks include: local attacks focused on "command abuse" and the development of "spike attacks" by hackers' observing. Hackers could also work on "power analysis" resulting in semi-invasive attacks, or moving up to "micro probing" to manipulating security controllers.

Infineon's strategy is to address each different classe of attacks with different chip solutions. Here, Infineon firmly believes that the company has a leg up against its competitors (such as NXP Semiconductors, which leads the smart card chip market but has become over the years more selective about its automotive electronics product line, and Freescale Semiconductor which currently offers no smart card chips) because it can offer both "scalability and flexibility" by leveraging "Infineon's 40 years of experience in automotive-grade electronics and 15 years of experience in the smart card chip market," claimed Steurich.

Don't knock university reports, if they anticipate issues that can be addressed then lives and money can be saved. The challenge is to articulate the problem in a persuasive enough manner that the car companies become engaged in solving the problem rather than denial. With luck, perhaps the manufacturers could both solve the problem and intercept other failure modes before they occur.

Tom, yeah, I know, US is far far behind on smart cards. But people in the U.S. --not everyone, though -- do use SIM card inside their mobile handsets. Now, that's the same smart card technology I am talking about here in the article.

A great deal of knowledge about security -- how you partition your chip; how to harden the security, etc. -- has been learned by those who designed secure microcontrollers for chip cards. And some of the underlying technologies are now being applied to the automotive industry.

And your comment about automakers have a higher authority to answer to? Well, here, I am not talking about "remote-control cars; i am talking about the potential of a modern car getting remotely manupilated by external hackers. There are no regulators watching that type of automotive security.

I would tend to agree. They don't want to increase effort or add the expense, especially if the perceived threat is in doubt among some. I can imagine some high-end cars adding this type of security, though. But as far as wide adoption, I am afraid it's going to take a crisis. But they really should get out in front of it, because if something like that does happen, they are going to need years to get the security in place.

The beautiful 250 GT. I think an even more gorgeous Ferrari was the 275 GTS, perhaps. The immediate successor of the 250.

Interesting point about this is that Ferrari and Alfa Romeo engines of those days were already factory tuned to about their limit. Not much one could do aftermarket, to improve on them.

Contrast those with the very common American V-8s of those days, usually married to an anemic 2-barrel carburator and single exhaust. It was not hard to double their horsepower, or even more than double, something that repogramming an ECU these days is hardly likely to achieve. And then, the chassis of that car would be totally outclassed.

Yes there are those "service" companies. On the other hand, you can get such programming devices for only 250 euros over the internet. There was shortly an article about odometer fraud in Germany on the homepage of the Association of German Engineers (VDI). Sorry, it is in German. But there is a picture of a programming device: